This paper proposes a cloud-edge-end collaborative defense framework to secure UAV swarms against various threats like GPS spoofing and multi-hop intrusions, demonstrating its effectiveness through ex…

The paper introduces a threat-oriented digital twinning methodology to enable reproducible and controllable cybersecurity evaluation of autonomous platforms, overcoming limitations in accessing real-w…

The paper proposes VerFU, a client-verifiable federated unlearning framework for low-altitude wireless networks that allows devices to ensure the server accurately removes their historical data contri…

The paper introduces Platum, a novel framework that synthesizes verified, low-latency runtime monitors for MAVLink protocols, enabling robust enforcement of contextual message validity on resource-con…

The paper empirically evaluates various agentic architectures for offensive security tasks, finding that while broader coordination improves coverage, the optimal architecture is non-monotonic and dep…

The paper proposes a cross-layer behavioral fingerprinting framework that fuses physical and network data to detect comprehensive attacks in dense LEO satellite constellations, achieving high detectio…

The paper argues that agent security must be treated as a systems problem, requiring the enforcement of security invariants at the system level rather than solely relying on improving the underlying A…

The paper introduces a comprehensive security framework, AgentRFC, to systematically analyze and test the security conformance of various AI agent protocols, identifying critical design gaps, especial…

The paper introduces APIOT, the first LLM framework capable of autonomously performing the full discovery, exploitation, patching, and verification cycle against bare-metal industrial OT devices.

This study provides the first measurement of authentication security in real-world remote Model Context Protocol (MCP) servers, finding pervasive and critical authentication weaknesses, particularly i…

This paper systematically analyzes the threat posed by malicious third-party API routers in the LLM supply chain, finding that a significant number of routers actively perform payload injection, crede…

The paper establishes a systematic, non-destructive methodology for acquiring and validating ground-truth firmware images from low-cost consumer drones, revealing the presence of vulnerable, unhardene…

This study empirically measures the consistency and success rate of autonomous LLM penetration testing across multiple services, finding statistically significant differences in exploitation capabilit…

This study empirically measures the consistency and effectiveness of autonomous LLM penetration testing across multiple services, finding statistically significant differences in exploitation rates am…

This paper provides the first comprehensive security analysis of the Agent Skills framework, identifying severe structural vulnerabilities that require fundamental architectural changes rather than si…

The paper introduces BYOT-CPS, a hybrid cyber-physical testbed that bridges the gap between purely simulated and purely physical IoT testing environments, enabling realistic and scalable security asse…

ZERO-APT introduces a novel closed-loop adversarial framework for automated penetration testing that simulates attacks against an intelligent, real-time defending system, achieving a high attack succe…

This paper analyzes RPKI specifications, demonstrating that vague or conflicting requirements in dozens of RFCs cause systemic vulnerabilities in real-world implementations, leading to 61 undocumented…

The paper introduces Distributed Sentinel, a zero-trust architecture that prevents Context-Fragmented Violations (CFVs) in multi-agent systems by propagating security state across departmental boundar…

This paper systematically reviews airport cybersecurity threats, mapping them to the MITRE ATT&CK Matrix to provide actionable recommendations for modern defense models like Zero Trust.